<?php defined('IN_LK') or die('Access Denied');
lk::lo('session_' . SESSION_STORAGE);
class index_common
{
	/**
	 * 公共方法及过滤
	 */
	public function __construct()
	{
		self::check_ip();
		self::check_login();
		$_POST   = isset($_POST)   ? new_safe_replace($_POST)   : '';
		$_GET    = isset($_GET)    ? new_safe_replace($_GET)    : '';
		$_COOKIE = isset($_COOKIE) ? new_safe_replace($_COOKIE) : '';
	}
	
	/**
	 * 添加最近浏览
	 */
	final public static function add_views($id)
	{
		$views = get_cookie('_views');
		$views = array_filter(explode('.', $views));
		if(!in_array($id, $views))
		{
			array_push($views, $id);
		}
		$views = implode('.', $views);
		return set_cookie('_views', $views, TIME + 3600);
	}
	
	/**
	 * 取最近浏览
	 */
	final public static function get_views()
	{
		$ids = '';
		$views = get_cookie('_views');
		if($views)
		{
			$ids = array_slice(array_filter(explode('.', $views)), 0, 10);
		}
		return $ids;
	}
	
	/**
	 * 检测登录 跳转
	 */
	final public function chk_login_jump()
	{
		if(!isset($_SESSION['login']) || !$_SESSION['login'])
		{
			showmsg(LANG('please_login'), true, '?m=member&c=index&a=login');
		}
	}

	/**
	 * ip禁止
	 */
	final public static function check_ip()
	{
		$ipbanned = lk::load_model('ipbanned');
		if($ipbanned->is_banned())
		{
			showmsg(LANG('your_ip_no_access'), false);
		}
	}
	
	/**
	 * 检测是否登录
	 * @return null
	 */
	final public static function check_login()
	{
		if(get_cookie('_lkauth'))
		{
			$u = get_cookie('_lkauth');
			$authkey = md5(AUTH_KEY . $_SERVER['HTTP_USER_AGENT']);
			$auth    = lk_auth($u, 'DECODE', $authkey);
			if(strpos($auth, '|') !== false)
			{
				list($_userid, $_groupid, $_username, $_pwd) = explode('|', $auth);
				if(isset($_pwd) && $_pwd)
				{
					$member = lk::load_model('member');
					if(!$member->is_exists('password', $_pwd))
					{
						header('Location:?m=member&c=index&a=login');
					}
				}
				else
				{
					header('Location:?m=member&c=index&a=login');
				}
			}
			else
			{
				$_userid = $_groupid = $_username = null;
			}
			$_SESSION['_userid']   = $_userid;
			$_SESSION['_groupid']  = $_groupid;
			$_SESSION['_username'] = $_username;
		}
		$_SESSION['login'] = (!isset($_SESSION['_userid']) 
							   || !isset($_SESSION['_groupid']) 
							   || !$_SESSION['_groupid'] 
							   || !$_SESSION['_userid']) ? 0 : 1;
	}
	
	/**
	 * xss 过滤
	 */
	function filter_xss($string, $allowedtags = '', $disabledattributes = array('onabort', 'onactivate',
																	 'onafterprint', 'onafterupdate', 
																	 'onbeforeactivate', 'onbeforecopy', 
																	 'onbeforecut', 'onbeforedeactivate', 
																	 'onbeforeeditfocus', 'onbeforepaste', 
																	 'onbeforeprint', 'onbeforeunload', 
																	 'onbeforeupdate', 'onblur', 'onbounce', 
																	 'oncellchange', 'onchange', 'onclick', 
																	 'oncontextmenu', 'oncontrolselect', 
																	 'oncopy', 'oncut', 'ondataavaible', 
																	 'ondatasetchanged', 'ondatasetcomplete', 
																	 'ondblclick', 'ondeactivate', 'ondrag', 
																	 'ondragdrop', 'ondragend', 'ondragenter', 
																	 'ondragleave', 'ondragover', 'ondragstart', 
																	 'ondrop', 'onerror', 'onerrorupdate', 
																	 'onfilterupdate', 'onfinish', 'onfocus', 
																	 'onfocusin', 'onfocusout', 'onhelp', 
																	 'onkeydown', 'onkeypress', 'onkeyup', 
																	 'onlayoutcomplete', 'onload', 'onlosecapture', 
																	 'onmousedown', 'onmouseenter', 'onmouseleave', 
																	 'onmousemove', 'onmoveout', 'onmouseover', 
																	 'onmouseup', 'onmousewheel', 'onmove', 
																	 'onmoveend', 'onmovestart', 'onpaste', 
																	 'onpropertychange', 'onreadystatechange', 
																	 'onreset', 'onresize', 'onresizeend', 
																	 'onresizestart', 'onrowexit', 'onrowsdelete', 
																	 'onrowsinserted', 'onscroll', 'onselect', 
																	 'onselectionchange', 'onselectstart', 'onstart', 
																	 'onstop', 'onsubmit', 'onunload'))
	{
		if(is_array($string))
		{
			foreach($string as $key => $val) $string[$key] = filter_xss($val);
		}
		else
		{
			$string = preg_replace('/\s('.implode('|', $disabledattributes).').*?([\s\>])/', '\\2', preg_replace('/<(.*?)>/ie', "'<'.preg_replace(array('/javascript:[^\"\']*/i', '/(".implode('|', $disabledattributes).")[ \\t\\n]*=[ \\t\\n]*[\"\'][^\"\']*[\"\']/i', '/\s+/'), array('', '', ' '), stripslashes('\\1')) . '>'", strip_tags($string, $allowedtags)));
		}
		return $string;
	}
}